Cargando…

Mastering the Nmap scripting engine : master the Nmap scripting engine and the art of developing NSE scripts /

If you want to learn to write your own scripts for the Nmap Scripting Engine, this is the book for you. It is perfect for network administrators, information security professionals, and even Internet enthusiasts who are familiar with Nmap.

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Pale, Paulino Calderon (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Birmingham, UK : Packt Publishing, 2015.
Colección:Community experience distilled.
Temas:
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Tabla de Contenidos:
  • ""Cover ""; ""Copyright ""; ""Credits""; ""About the Author""; ""Acknowledgments""; ""About the Reviewers""; ""www.PacktPub.com""; ""Table of Contents""; ""Preface""; ""Chapter 1: Introduction to the Nmap Scripting Engine ""; ""Installing Nmap""; ""Building Nmap from source code""; ""Keeping Nmap up to date""; ""Running NSE scripts""; ""Script categories""; ""NSE script selection""; ""Selecting by script name or category""; ""Selecting by filename or folder""; ""Advanced script selection with expressions""; ""NSE script arguments""; ""Loading script arguments from a file""
  • ""Forcing the execution of NSE scripts""""Debugging NSE scripts""; ""Scan phases and NSE""; ""NSE script rules""; ""Applications of NSE scripts""; ""Information-gathering""; ""Collecting UPNP information""; ""Finding all hostnames resolving to the same IP address""; ""Advanced host discovery""; ""Discovering hosts with broadcast pings""; ""Listening to your LAN to discover targets""; ""Password auditing""; ""Brute-forcing MySQL passwords""; ""Brute-forcing SMTP passwords""; ""Vulnerability scanning""; ""Detecting insecure MySQL server configurations""
  • ""Detecting web servers vulnerable to slow denial-of-service attacks""""Detecting SSL servers vulnerable to CVE-2014-3566""; ""Setting up a development environment""; ""Halcyon IDE""; ""Adding new scripts""; ""Summary""; ""Chapter 2 : Lua Fundamentals""; ""Quick notes about Lua""; ""Comments""; ""Dummy assignments""; ""Indexes""; ""Semantics""; ""Coercion""; ""Safe language""; ""Booleans""; ""Flow control structures""; ""Conditional statements â€? if-then, else, and elseif""; ""Loops â€? while""; ""Loops â€? repeat""; ""Loops â€? for""; ""Data types""; ""String handling""
  • ""Character classes""""Magic characters""; ""Patterns""; ""Captures""; ""Repetition operators""; ""Concatenation""; ""Finding substrings""; ""String repetition""; ""String length""; ""Formatting strings""; ""Splitting and joining strings""; ""Common data structures""; ""Tables""; ""Arrays""; ""Linked lists""; ""Sets""; ""Queues""; ""Custom data structures""; ""http-enum database""; ""http-default-accounts""; ""I/O operations""; ""Modes""; ""Opening a file""; ""Reading a file""; ""Writing a file""; ""Closing a file""; ""Coroutines""; ""Creating a coroutine""; ""Executing a coroutine""
  • ""Determining the running coroutine""""Getting the status of a coroutine""; ""Yielding a coroutine""; ""Metatables and metamethods""; ""Arithmetic metamethods""; ""Relational metamethods""; ""Summary""; ""Chapter 3 : NSE Data Files""; ""Locating your data directory""; ""Data directory search order""; ""Username and password lists used in brute-force attacks""; ""Username dictionaries""; ""Password dictionaries""; ""Web application auditing data files""; ""http-fingerprints.lua""; ""http-sql-errors.lst""; ""http-web-files-extensions.lst""; ""http-devframework-fingerprints.lua""